CLAIMS 

1 . In a distributed network which is registered with a unique domain name, 
said network comprising a number of clients and a number of authentication 
servers, said clients and said authentication servers being communicatively 
coupled to each other via a global telecommunication network, each of said 
authentication servers having a fully qualified domain name which is a local 
host name with said unique domain name appended, a distributed 
authentication system, wherein a given user enters a global user identification 
(GUID) and a password for authentication to be carried out at a target 
authentication server, said GUID comprising a user name, a delimitation 
symbol, and a domain portion which is same as the local host name of said 
target authentication server, said distributed authentication system 
comprising: 

means for parsing an entered GUID and extracting said domain portion 
therefrom; 

means for appending said unique domain to said domain portion to 
form a fully qualified domain name (formed FQDN); 

means for translating said FQDN to an Internet Protocol (IP) address 
representing said target authentication server; 

means for sending said user name and password to said target 
authentication server for authentication; and 



means for distributing and caching an authentication result. 

2. The distributed authentication system of Claim 1 , further comprising: 

means for automatically mapping any unrecognized FQDN into a 
default server which carries out authentication on the user's authentication 
request. 

3. The distributed authentication system of Claim 1 , wherein said means for 
translating consults a domain name system (DNS) to obtain an Internet 
Protocol (IP) address representing said target authentication server. 

4. The distributed authentication system of Claim 1 , wherein said means for 
translating consults a local mapping list to obtain an Internet Protocol (IP) 
address representing said target authentication server. 

5. A method for providing distributed authentication service, wherein a given 
user enters a global user identification (GUID) and a password for 
authentication to be carried out at a target authentication server, said GUID 
comprising a user name, a delimitation symbol, and a domain portion which is 
same as the local host name of said target authentication server, said 
method comprising the computer-implemented steps of: 

entering the user's GUID and password; 

parsing said entered GUID and extracting said domain portion from 
said GUID; 



appending a unique domain name to said domain portion to form a fully 
qualified domain name (FQDN); 

looking up said FQDN in a domain name system (DNS) to obtain an 
address representing said target authentication server; 

5 sending said user name and password to said target authentication 

server for authentication; and 

distributing and caching an authentication result. 

6. The method of Claim 5, further comprising the steps of: 

if said step of looking up fails, automatically mapping an unrecognized 
10 FQDN into a default server which performs authentication on the user's 
authentication request. 

7. In a distributed network which is registered with a unique domain name, 
said network comprising a number of clients and a number of authentication 
servers, said clients and said authentication servers being communicatively 

15 coupled to each other via a global telecommunications network, each of said 
authentication servers having a fully qualified domain name which is a local 
host name with said unique domain name appended, a method for providing 
distributed authentication service, wherein a given user enters a global user 
identification (GUID) and a password for authentication to be carried out at a 

20 target authentication server, said GUID comprising a user name, a 
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delimitation symbol and a domain portion which is same as the local host 
name of said target authentication server, said method comprising the steps 
of: 

entering the user's GUID and password; 

5 parsing entered GUID and extracting said domain portion from said 

GUID; 

H 

appending said unique domain name to said domain portion to form a 

111 fully qualified domain name (FQDN); 

H 

g 

checking a local list of registered fully qualified domain names (FQDN) 

m 10 to obtain an Internet Protocol (IP) address for said target authentication 

fIJ 

61 server, wherein each FQDN in said local list is mapped to a unique IP 

| 

address; 

sending said user name and password to said target authentication 
server for authentication; and 

15 distributing and caching an authentication result. 

8. The method of Claim 7, further comprising the step of: 

if said step of checking fails, automatically mapping an unrecognized 
FQDN into a default server which performs authentication on the user's 
authentication request. 
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9. In a distributed network which is registered with a unique domain name, 
said network comprising a number of clients and a number of authentication 
servers, said clients and said authentication servers being communicatively 
coupled to each other via a global telecommunications network, each of said 
5 authentication servers having a fully qualified domain name which is a local 
host name with said unique domain name appended, a method for providing 
distributed authentication service, wherein a given user enters a global user 

H 

I; identification (GUID) and a password for authentication to be carried out at a 

f5 

K target authentication server, said GUID comprising a user name, a 

H 

•2 10 delimitation symbol and a domain portion which is same as the local host 
q name of said target authentication server, said method comprising the 

Si 

IM computer-implemented steps of: 

© 

• IJ entering the user's GUID and password; 

parsing said GUID and extracting said domain portion; 

15 appending said unique domain name to said domain portion to form a 

fully qualified domain name (FQDN) in said unique domain; 

checking a local list of registered fully qualified domain names 
(RFQDN) to obtain an Internet Protocol (IP) address for said target 
authentication server, wherein each RFQDN in said local list is mapped to a 
20 unique IP address; 



26 



if said step of checking fails, looking up a domain name system (DNS) 
to obtain an Internet Protocol (IP) address representing said FQDN; 

sending said user name and password to said target authentication 
server for authentication; and 

distributing and caching an authentication result. 

10. The method of Claim 9, further comprising the step of: 

if said step of looking up fails, automatically mapping an unrecognized 
FQDN into a default server which performs authentication on the user's 
authentication request. 

1 1 . A method for providing distributed authentication service, wherein a given 
user enters a global user identification (GUID) and a password for 
authentication to be carried out at a target authentication server, said GUID 
comprising a user name, a delimitation symbol and said target authentication 
server's domain name, said method comprising the steps of: 

entering the user's GUID and password; 

parsing said entered GUID and extracting said target authentication 
server's domain name; 

pre-pending said common local host name to said target authentication 
server's domain name to form a fully qualified domain name (FQDN); 



checking a local list of registered fully qualified domain names 
(RFQDN) to obtain an address for said target authentication server, wherein 
each RFQDN in said local is mapped to a unique address; 

sending said user name and password to said target authentication 
5 server for authentication; and 

distributing and caching an authentication result. 

H ■ 

5 1 2. The method of Claim 1 1 , further comprising the step of: 

i 
m 

H if said step of checking fails, looking up said FQDN in a domain name 

P 

system (DNS) to obtain an address representing said target authentication 

Q - 

HI 10 server. 

HI 

Si 

O 13. The method of Claim 12, further comprising the steps of: 

PI 

if said step of looking up fails, automatically mapping an unrecognized 
FQDN into a default server which performs authentication on the user's 
authentication request. 

15 14. In a distributed network comprising a number of clients and a number of 
authentication servers, said clients and said authentication servers being 
communicatively coupled to each other via a global telecommunications 
network, each of said authentication servers having a fully qualified domain 
name which is a local host name with its domain name appended, a method 

20 for providing distributed authentication service, wherein a given user enters a 
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global user identification (GUID) and a password for authentication to be 
carried out at a target authentication server, said GUID comprising a user 
name, a delimitation symbol and said target authentication server's domain 
name, said method comprising the steps of: 

5 entering the user's GUID and password; 

parsing said entered GUID and extracting said target authentication 
server's domain name; 

checking a local list of domain names to obtain an Internet Protocol (IP) 
address for said target authentication server, wherein each domain name in 
10 said list is mapped to a registered authentication server's IP address; 

sending said user name and password to said target authentication 
server for authentication; 

distributing and caching an authentication result. 

15. The method of Claim 14, further comprising the step of: 

15 if said step of checking fails, automatically mapping an unrecognized 

domain name into a default server which performs authentication on the 
user's authentication request. 
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